Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/Yq8p-Zl2UZI4Tb-nuCgzMSOT2M4.roa
File: Yq8p-Zl2UZI4Tb-nuCgzMSOT2M4.roa (raw, json)
Hash identifier: nZW2inX60+r3Vn2H9HqAa0liDQDWLVr6X/Z09+vg9g4=
Subject key identifier: 62:AF:29:F9:99:76:51:92:38:4D:BF:A7:B8:28:33:31:23:93:D8:CE
Certificate issuer: /CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Certificate serial: 01942747664A218A8880A855467A0E683483
Authority key identifier: 2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/Yq8p-Zl2UZI4Tb-nuCgzMSOT2M4.roa
Signing time: Thu 02 Jan 2025 13:49:38 +0000
ROA not before: Thu 02 Jan 2025 13:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25160
IP address blocks: 31.28.65.0/24 maxlen: 24
31.28.67.0/24 maxlen: 24
31.28.68.0/24 maxlen: 24
31.28.70.0/24 maxlen: 24
31.28.72.0/24 maxlen: 24
31.28.75.0/24 maxlen: 24
31.28.80.0/22 maxlen: 22
31.28.84.0/23 maxlen: 23
31.28.86.0/24 maxlen: 24
94.126.43.0/24 maxlen: 24
94.126.47.0/24 maxlen: 24
178.18.116.0/23 maxlen: 23
178.18.119.0/24 maxlen: 24
185.121.76.0/22 maxlen: 22
185.135.164.0/22 maxlen: 22
185.135.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:66:4a:21:8a:88:80:a8:55:46:7a:0e:68:34:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Validity
Not Before: Jan 2 13:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62af29f999765192384dbfa7b82833312393d8ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1c:1b:68:6d:64:1d:88:d3:9d:aa:82:36:f6:
37:e0:12:a1:12:95:e3:7b:6d:20:c6:f2:68:71:a1:
d6:dc:3b:b3:62:8b:18:2f:ed:e7:25:b0:5b:3c:a4:
67:46:c0:6c:49:8c:97:19:0b:4b:b0:35:c1:b7:9b:
1d:fd:4f:3f:69:61:ff:35:20:cd:7d:b1:27:5c:e5:
7c:df:b9:ea:08:0e:fa:fe:97:ef:92:f4:57:02:e6:
fc:78:b8:7a:0c:b4:f5:ee:57:2c:18:c0:f3:03:c5:
fa:ac:94:82:39:4e:e3:76:8f:1b:ec:1c:8a:6c:e3:
54:38:2e:e0:49:f7:f7:33:57:ff:a2:53:a0:42:cf:
5d:cf:58:5a:9a:df:bd:10:f7:24:53:d0:74:25:a2:
13:81:aa:c7:e0:8a:2e:c8:7c:7d:88:d1:ee:50:d4:
a0:77:11:51:f9:85:57:b8:cc:24:82:a9:74:f0:af:
49:b9:6b:11:18:d2:fd:4e:d1:1b:1a:2a:d3:9f:0e:
d7:d2:d1:36:08:96:a0:63:81:aa:11:6e:2d:92:03:
02:50:91:5a:7e:89:cf:b2:fd:89:b5:46:cc:6e:59:
09:63:81:ed:ca:07:8b:f9:97:d8:2b:75:77:ae:ca:
ba:19:dc:64:a2:0e:0d:25:01:ab:04:2e:13:c7:0f:
6a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AF:29:F9:99:76:51:92:38:4D:BF:A7:B8:28:33:31:23:93:D8:CE
X509v3 Authority Key Identifier:
keyid:2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/Yq8p-Zl2UZI4Tb-nuCgzMSOT2M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.28.65.0/24
31.28.67.0-31.28.68.255
31.28.70.0/24
31.28.72.0/24
31.28.75.0/24
31.28.80.0-31.28.86.255
94.126.43.0/24
94.126.47.0/24
178.18.116.0/23
178.18.119.0/24
185.121.76.0/22
185.135.164.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:54:2d:53:67:2d:e8:c2:89:a2:ac:fd:85:2f:77:fd:e4:11:
5d:7e:b6:74:70:01:6d:c5:fc:a3:0b:e4:70:cb:6a:00:3b:e3:
3f:98:a3:d5:cd:02:d6:04:6a:b8:9c:c5:22:74:cd:10:3b:7c:
3d:38:05:4d:b7:1b:c2:90:f0:69:f0:86:8c:9e:25:1b:bc:a9:
c9:8a:08:7f:99:4d:ee:8a:51:0d:e6:6c:9a:8f:f2:8e:90:59:
a2:a4:c3:ff:9e:4e:7b:42:a2:a3:fd:bb:33:6c:46:18:ed:a6:
a2:a3:b9:89:7a:60:04:17:b0:59:bc:40:40:97:c3:5b:30:fe:
09:3f:52:48:66:2f:c6:c6:5e:0a:49:f6:4d:eb:5a:26:2c:57:
78:33:98:79:1b:7c:26:f7:e8:fd:12:b1:f6:6f:8c:8b:53:8e:
83:3a:ba:80:56:1e:2f:13:39:b7:ac:2b:4d:52:8b:07:77:fd:
93:80:64:9b:4f:dc:80:49:16:88:51:ed:6d:60:9f:d3:65:f3:
57:fc:97:31:03:b2:d4:8a:09:42:84:54:9e:0f:e9:0a:66:85:
46:dc:81:0a:ab:97:b0:70:53:4f:56:97:49:52:a9:ce:9b:7f:
25:71:28:e8:f2:30:66:a1:d1:11:70:0f:e0:3e:21:d0:96:39:
4c:07:0c:94
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZQnR2ZKIYqIgKhVRnoOaDSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMTE5NzU0ZmMxNGZmZTc5NjhhNjUxNmJkNDliZGIyNTYz
M2I4ODcwHhcNMjUwMTAyMTM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmFmMjlmOTk5NzY1MTkyMzg0ZGJmYTdiODI4MzMzMTIzOTNkOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRwbaG1kHYjTnaqCNvY34BKhEpXj
e20gxvJocaHW3DuzYosYL+3nJbBbPKRnRsBsSYyXGQtLsDXBt5sd/U8/aWH/NSDN
fbEnXOV837nqCA76/pfvkvRXAub8eLh6DLT17lcsGMDzA8X6rJSCOU7jdo8b7ByK
bONUOC7gSff3M1f/olOgQs9dz1hamt+9EPckU9B0JaITgarH4IouyHx9iNHuUNSg
dxFR+YVXuMwkgql08K9JuWsRGNL9TtEbGirTnw7X0tE2CJagY4GqEW4tkgMCUJFa
fonPsv2JtUbMblkJY4HtygeL+ZfYK3V3rsq6Gdxkog4NJQGrBC4Txw9q8wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFGKvKfmZdlGSOE2/p7goMzEjk9jOMB8GA1UdIwQY
MBaAFC0Rl1T8FP/nloplFr1JvbJWM7iHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJHWFZQd1VfLWVXaW1VV3ZVbTlzbFl6dUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNzcxZTEtMzlhZi00MzUzLTk0N2Yt
MDFmYWNjNzQ3YzI0LzEvWXE4cC1abDJVWkk0VGItbnVDZ3pNU09UMk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNzcxZTEtMzlhZi00MzUzLTk0N2YtMDFmYWNjNzQ3YzI0
LzEvTFJHWFZQd1VfLWVXaW1VV3ZVbTlzbFl6dUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAHxxBMAwD
BAAfHEMDBAAfHEQDBAAfHEYDBAAfHEgDBAAfHEswDAMEBB8cUAMEAB8cVgMEAF5+
KwMEAF5+LwMEAbISdAMEALISdwMEArl5TAMEArmHpDANBgkqhkiG9w0BAQsFAAOC
AQEAfVQtU2ct6MKJoqz9hS93/eQRXX62dHABbcX8owvkcMtqADvjP5ij1c0C1gRq
uJzFInTNEDt8PTgFTbcbwpDwafCGjJ4lG7ypyYoIf5lN7opRDeZsmo/yjpBZoqTD
/55Oe0Kio/27M2xGGO2moqO5iXpgBBewWbxAQJfDWzD+CT9SSGYvxsZeCkn2Teta
JixXeDOYeRt8Jvfo/RKx9m+Mi1OOgzq6gFYeLxM5t6wrTVKLB3f9k4Bkm0/cgEkW
iFHtbWCf02XzV/yXMQOy1IoJQoRUng/pCmaFRtyBCquXsHBTT1aXSVKpzpt/JXEo
6PIwZqHREXAP4D4h0JY5TAcMlA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:46:03 2025 by rpki-client